{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T14:17:28.095","vulnerabilities":[{"cve":{"id":"CVE-2023-39266","sourceIdentifier":"security-alert@hpe.com","published":"2023-08-29T20:15:09.637","lastModified":"2024-11-21T08:15:01.040","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the ArubaOS-Switch web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface provided certain configuration options are present. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.\n\n\n"},{"lang":"es","value":"Una vulnerabilidad en la interfaz de administración web de ArubaOS-Switch podría permitir que un atacante remoto no autenticado lleve a cabo un ataque de cross-site scripting (XSS) almacenado contra un usuario de la interfaz, siempre que ciertas opciones de configuración estén presentes. Un exploit exitoso podría permitir a un atacante ejecutar código de script arbitrario en el navegador de la víctima en el contexto de la interfaz afectada."}],"metrics":{"cvssMetricV31":[{"source":"security-alert@hpe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*","versionEndExcluding":"a.15.16.0026","matchCriteriaId":"6EF6288C-3E1F-4E2F-BDE2-319E6774F1BD"},{"vulnerable":true,"criteria":"cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*","versionStartIncluding":"16.01.0000","versionEndExcluding":"16.04.0027","matchCriteriaId":"D421C423-B11A-43F0-A0E9-9ABD0CC3E7A9"},{"vulnerable":true,"criteria":"cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*","versionStartIncluding":"16.05.0000","versionEndExcluding":"16.08.0027","matchCriteriaId":"90E95208-9E6A-4A27-91EF-EFF9EBB5CDF0"},{"vulnerable":true,"criteria":"cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*","versionStartIncluding":"16.10.0001","versionEndExcluding":"16.10.0024","matchCriteriaId":"3A977A83-A7F4-4FE7-9AC9-5584801CC039"},{"vulnerable":true,"criteria":"cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*","versionStartIncluding":"16.11.0001","versionEndExcluding":"16.11.0013","matchCriteriaId":"EF10EBA8-E257-4E81-8B5A-04E643FD27F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:arubanetworks:aruba_2530:-:*:*:*:*:*:*:*","matchCriteriaId":"CA0DC0DE-5F4A-4D2A-AFCA-E36A103D5A6E"},{"vulnerable":false,"criteria":"cpe:2.3:h:arubanetworks:aruba_2530ya:-:*:*:*:*:*:*:*","matchCriteriaId":"B8251986-B9F2-4345-A4D7-EB3737F12AE0"},{"vulnerable":false,"criteria":"cpe:2.3:h:arubanetworks:aruba_2530yb:-:*:*:*:*:*:*:*","matchCriteriaId":"3D7A8F42-55C8-4A2B-8A34-1B1B8BE3BEDF"},{"vulnerable":false,"criteria":"cpe:2.3:h:arubanetworks:aruba_2540:-:*:*:*:*:*:*:*","matchCriteriaId":"FDEDD15E-289E-4B15-8620-547EA19CAEE7"},{"vulnerable":false,"criteria":"cpe:2.3:h:arubanetworks:aruba_2920:-:*:*:*:*:*:*:*","matchCriteriaId":"B1782D4A-AD68-4BD2-8453-EE22BCF2DC99"},{"vulnerable":false,"criteria":"cpe:2.3:h:arubanetworks:aruba_2930f:-:*:*:*:*:*:*:*","matchCriteriaId":"97C4FCD2-BB70-4848-B08A-223B5C3467BB"},{"vulnerable":false,"criteria":"cpe:2.3:h:arubanetworks:aruba_2930m:-:*:*:*:*:*:*:*","matchCriteriaId":"2561E158-FB61-4FFD-B680-DADF7BC2C6D1"},{"vulnerable":false,"criteria":"cpe:2.3:h:arubanetworks:aruba_3810m:-:*:*:*:*:*:*:*","matchCriteriaId":"F3CE933B-68BA-45BA-81BD-95D873B858B1"},{"vulnerable":false,"criteria":"cpe:2.3:h:arubanetworks:aruba_5406r_zl2:-:*:*:*:*:*:*:*","matchCriteriaId":"8E982204-9ADC-4242-86C2-A407D6EA7DB0"},{"vulnerable":false,"criteria":"cpe:2.3:h:arubanetworks:aruba_5412r_zl2:-:*:*:*:*:*:*:*","matchCriteriaId":"8549CD94-50E2-4615-94C2-D76FADFBA3AC"}]}]}],"references":[{"url":"https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-013.txt","source":"security-alert@hpe.com","tags":["Vendor Advisory"]},{"url":"https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-013.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}